Event details

Have questions about using Microsoft Intune to enforce device compliance? Curious how to configure devices to help prevent security breaches and limit the impact of threats? Ask Microsoft Anything (A...
Pearl-Angeles
Updated Jan 21, 2026
AMA
Tech Community Live
Pearl-Angeles's avatar
Pearl-Angeles
Icon for Community Manager rankCommunity Manager
Jan 26, 2026

Thank you everyone, for your participation in today's session! Q&A is open through this Friday at 12p PT!

Below are the questions the panelists answered live, along with associated timestamps: 

Question – You’re spending a lot of time on copilot/AI integrations into the product. It’s been helpful to see how this shows up in the product. Can you share more about how you’re infusing the Settings process with AI? – answered at 1:36.

Question – I have started applying security policies for Defender for Endpoint using MDE to manage them, adding the MDE tag to my Windows 11 machines. If I am migrating to Intune management, is it necessary to offboard the devices first, before applying the auto-enroll GPO and onboarding device configuration to the machines? – answered at 6:26.

Question – If we are pre-provisioning devices using Autopilot, how long will it take for them to report in as compliant in Defender? – answered at 12:27.

Question – Apologies if this was mentioned earlier, but to which licensing model is this applicable to? E5? – answered at 16:46.

Question – Can you provide greater clarity regarding the distinctions between Medium, High, and other risk levels? Concerned that overly stringent Defender requirements may adversely affect the overall Intune MDM user experience. – answered at 17:11.

Question – Do you have anything currently available or in development that will act similar to GPresult/RSOP (result set up policy) to see what settings are applied via Intune on a device and what policy applies the setting? – answered at 22:54.

Question – In a mixed environment (Entra ID joined + hybrid joined + a few BYOD), what’s your recommended baseline policy stack in Intune + Defender so we avoid overlapping controls and false positives? And how do you decide what belongs in Intune vs Defender? – answered at 32:03.

Question – Can we apply a compliance policy for risk level if the computer has Defender but is not in Intune it is manage from different MDM? – answered at 40:00.

Question – Can we only use MS Defender for Intune managed devices? What are the prerequisites? – answered at 44:37.

Question – So, with Intune, Defender for Cloud/M365, where is the overlap with Purview? As long as your environment is stood up using CAF/WAF with proper management groups that are top down? -- Note for audience -- CAF = Cloud Adoption Framework and WAF = Well-Architected Framework – answered at 46:05.

Question – Do you recommend the security baselines in Intune? – answered at 50:57.